The hacking of REvil's servers was revealed by US intelligence services.

 Hackers from the Ravil group were forced to curtail their activities after implementing an international operation to neutralize them.

The REvil hacker collective was themselves hacked, and as a result, they had to halt their online activity due to an international operation. Reuters cites independent U.S. cybersecurity experts when reporting this.
Advisor for the US Secret Service's cybercrime unit Tom Kellermann has spoken out about an international collaborative operation by countries with similar political views to combat hacking groups.

A group of hackers known as REvil was first to unleash a ransomware virus into the networks of multiple US government agencies before it was stopped.
Happy Blog, a group page where hackers publicised the identities of cyberattack victims and examples of stolen data, is no longer accessible, according to the agency.
0 neday, likely one of REvil's commanders, announced that the group's servers had been compromised by unknown parties and that he was "out of the game" in the cybercriminals forum, according to the experts.

After attacks on JBS and Kaseya, REvil was forced to shut down its darknet sites in July.
A bunch of hackers returned on September 9th, restoring both their websites and payment portals.
Despite this, the resurrected band was unable to duplicate their previous success. In addition, the commission for partners had to be increased to 90%.